Does anyone know if there is a way to authenticate SER to MS Active
Directory? I'd like to use an existing user database instead of
having to manage users myself, and most of our users are in Active
Directory.
Has anyone tried this?
What are most SER users using for authentication? Is anyone here
tying into any kind of existing organization user database?
Hi Jiri.
Two questions please.
1.)
Jiri Kuthan HYPERLINK
"mailto:serusers%40iptel.org?Subject=%5BSerusers%5D%20ENUM%20variable%20TLD%
3F&In-Reply-To=4032B769.8000804%40august.net"jiri at iptel.org
Wed Feb 18 02:25:07 CET 2004
* Previous message: HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/006025.html"[Seruser
s] ENUM variable TLD?
* Next message: HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/006022.html"[Seruser
s] current uri
* Messages sorted by: HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/date.html#6026"[
date ] HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/thread.html#6026"[
thread ] HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/subject.html#6026"[
subject ] HYPERLINK
"http://lists.iptel.org/pipermail/serusers/2004-February/author.html#6026"[
author ]
_____
on development branch there is an updated enum module which
allows you to use private enum trees the way you are asking.
If you need it, there should be no conflicts if you take
devel version of enum and put it in your 8.12 source tree.
-jiri
At 01:52 AM 2/18/2004, Greg Fausak wrote:
>Normally I do enum lookups inside my
>domain, however, I want to be able to do
>an enum lookup at other TLD. Is there a
>way to do that? Maybe enum_query("e164.other.com")??
>
I have downloaded the latest code as you suggested but have not been able to
figure out how to specify a different TLD.
I have looked a documentation but that has not helped either.
Can you please tell me what the function I need is called?
2.)
Is there an updated ENUM module that would allow me to preform an ENUM query
based on a spcified prefix?
In other words, what if I would like to preform an ENUM query when a number
comes in with a "**" instead of the "+".
I have modified the c code to do this for me but was wondering if you have
released a "production" version of this code.
Thanks,
David Schwartz
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.796 / Virus Database: 540 - Release Date: 11/13/2004
Hi All,
Any idea, how to change registration timeout value in
ser.cfg so that my phone register with the server
every 5 minutes in place of default 1 minute.
Please advise.
Regards,
Suvendu.
________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony
Hi there
after slashing my head with a hammer for a little bit,
reading many times the SER RADIUS Howto and acc man
page, I managed to get acc to log some RADIUS accounting
packets (Stop records and Call Failure records) with
FreeRADIUS
unfortunately, I could not discover how to generate
the START records, no matter what I tried!!
as the Stop record doesn't have RADIUS session-time,
I need the Start record so my current billing system
can be used.
I've searched the list archives quite a bit, and
googled on [serusers] and FreeRADIUS lists but
couldn't find a clue.
any help would be gratelly appreciated
snippets of ser.cfg
[...]
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_radius.so"
# acc compiled with RADIUS support
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
# -- acc params --
modparam("acc", "radius_config", "/etc/radiusclient/radiusclient.conf")
modparam("acc", "radius_flag", 1)
modparam("acc", "radius_missed_flag", 2)
#modparam("acc", "log_level", 1)
#modparam("acc", "failed_transactions", 1)
#modparam("acc", "report_cancels", 1)
#modparam("acc", "report_ack", 1)
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# -- auth_radius params --
modparam("auth_radius", "radius_config",
"/etc/radiusclient/radiusclient.conf")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# !! Nathelper
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
[...] pretty much nathelper.cfg example [...]
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
log(1,"LOG: not found\n");
setflag(2);
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
sl_send_reply("479", "We don't forward to private IP
addresses");
break;
};
log(1, "LOG: route[1]\n");
setflag(1);
# if client or server know to be behind a NAT, enable relay
if (isflagset(6)) {
force_rtp_proxy();
};
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
onreply_route[1] {
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
# CHECK LATER: does this need to be enclosed on
# if(method==BYE || method==CANCEL) ???
force_rtp_proxy();
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
# EOF ---
one thing that I noticed was that, depending on which
side ended the call, the RADIUS Stop packet cames with
that side being the calling-station-id and the peer
being the called-station-id. is it supposed to be that
way?
Cheers
!3runo
P.S. in case it matters:
# ser -V
version: 0.8.14 (i386/linux)
flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK,
SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
@(#) $Id: main.c,v 1.168.4.3 2004/06/28 15:41:21 andrei Exp $
main.c compiled on 07:13:08 Nov 17 2004 with gcc 3.3
hello i have ser 0.8.14 working, some clients are behind nat others not.
i have setup pstn gateway - asterisk a try to route some call here, but
there is some problem with audio, from both clients - with real ip
address and clients behind nat. Called party hear everything what caller
say, but caller hear nothing.
calling between client with real address and other behind nat works fine.
ser and pstn-gateway have real ip addresses, they are no same subnet.
Can anybody help me to solve this problem ?
below is my sr.cfg
best regards Marian
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
alias=mdk10.sunteq.sk
alias=sunteq.sk
#alias=atlas.sunteq.sk
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/lib/ser/modules/mysql.so"
loadmodule "/lib/ser/modules/sl.so"
loadmodule "/lib/ser/modules/tm.so"
loadmodule "/lib/ser/modules/rr.so"
loadmodule "/lib/ser/modules/maxfwd.so"
loadmodule "/lib/ser/modules/usrloc.so"
loadmodule "/lib/ser/modules/registrar.so"
loadmodule "/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/lib/ser/modules/auth.so"
loadmodule "/lib/ser/modules/auth_db.so"
# load the voicemail module
#loadmodule "/lib/ser/modules/vm.so"
# load the enum module
loadmodule "/lib/ser/modules/enum.so"
# load the group module, to verify if a user forwards to voicemail
loadmodule "/lib/ser/modules/group.so"
# load the nathelper module
loadmodule "/lib/ser/modules/nathelper.so"
loadmodule "/lib/ser/modules/acc.so"
# ----------------- setting module-specific parameters ---------------
# -- registrar parameter
# special NAT flag indicates that a registered client is behind NAT
modparam("registrar", "nat_flag", 6)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
#modparam("usrloc", "db_url", "mysql://ser:heslo@localhost/ser")
modparam("usrloc|auth_db|acc|group|msilo|uri","db_url","mysql://ser:heslo@localhost/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
#modparam("auth_db", "db_url", "mysql://ser:heslo@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- voicemail params --
#modparam("voicemail", "db_url","mysql://ser:heslo@localhost/ser")
# -- voicemail params --
#modparam("group", "db_url","mysql://serro:heslo@localhost/ser")
# -- nathelper params --
modparam("nathelper", "natping_interval", 3)
modparam("nathelper", "ping_nated_only", 1)
modparam("tm", "fr_inv_timer", 30 )
#modparam("tm", "fr_inv_timer", 8 )
# ------------------------- request routing logic -------------------
# main routing logic
route{
log(1, "-------------------------------------------\n");
log(1, "entering main loop\n");
if (nat_uac_test("2")) {
log(1, "src address different than via header->NAT
detected\n");
log(1, "force_rport and fix_nated_contact and
setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed
client
setflag(5);
};
if (method=="REGISTER")
log(1, "REGISTER message received\n");
if (method=="INVITE")
log(1, "INVITE message received\n");
if (method=="ACK")
log(1, "ACK message received\n");
if (method=="BYE")
log(1, "BYE message received\n");
if (method=="CANCEL")
log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE")
log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY")
log(1, "NOTIFY message received\n");
if (method=="OPTIONS")
log(1, "OPTIONS message received\n");
if (method=="INFO")
log(1, "INFO message received\n");
if (method=="MESSAGE")
log(1, "MESSAGE message received\n");
if (method=="REFER")
log(1, "REFER message received\n");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len > max_len) {
#if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# loose-route processing
if (loose_route()) {
log(1, "loose_route processing\n");
t_relay();
break;
};
# Check for PSTN access
if (uri=~"^sip:0[0-9]*@.*") {
log(1, "going to PSTN route3\n");
route(3);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
log(1, "analyzing REGISTER request\n");
# Uncomment this if you want to use digest authentication
if (!www_authorize("mdk10.sunteq.sk",
"subscriber")) {
www_challenge("mdk10.sunteq.sk", "0");
break;
};
if (isflagset(5)) {
#register from nated client, save
nat_flag=6
#in location table
setflag(6);
};
if (!save("location")) {
log(1, "save location error\n");
sl_reply_error();
};
break;
};
lookup("aliases");
#mark transaction for voicemail
#if (is_user_in("Request-URI", "voicemail\n")) {
# log(1, "requested user is in voicemail group");
# setflag(4);
#};
# Process Aliases
lookup("aliases");
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
# handle user which was not found
log(1, "requested user not found\n");
route(4);
break;
};
};
#add failure route which should be performed if response code >=300
if (method=="INVITE" && isflagset(4)) {
log(1, "invite for voicemail user->initiate
failureroute[1]\n");
t_on_failure("1");
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
route(1);
}
route[1]{
log(1, "-------------------------------------------\n");
log(1, "entering route[1] - relaying SIP message\n");
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is
NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy,
set NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp
proxy\r\n");
setflag(7);
};
};
log(1, "relaying message ...\n");
if (!t_relay()) {
log(1, "t_relay error occured\n");
sl_reply_error();
};
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix
nated contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE ->
force_rtp_proxy \n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp
proxy\r\n");
};
};
}
route[3] {
if (method=="INVITE" && (!src_ip==194.1.222.26)) {
log(1, "method is invite\n");
if (!proxy_authorize( "mdk10.sunteq.sk","subscriber")) {
proxy_challenge( "mdk10.sunteq.sk", "0");
break;
};
# let's check from=id ... avoids accounting confusion
if(!is_user_in("credentials", "local")) {
sl_send_reply("403", "NO PSTN Privileges...");
break;
};
consume_credentials();
}; # INVITE to authorized PSTN
log(1, "authorized to PSTN\n");
# if you have passed through all the checks, let your call go to GW!
force_rtp_proxy();
record_route();
t_on_reply("1");
# snom conditioner
if (method=="INVITE" && search("User-Agent: snom")) {
replace("100rel, ", "");
};
append_hf("P-hint: GATEWAY\r\n");
# use UDP to guarantee well-known sender port (TCP ephemeral)
t_relay_to_udp("194.1.222.26","5060");
}
route[4]{
log(1, "-------------------------------------------\n");
log(1, "entering route[4] = requested user not online\n");
# non-Voip -- just send "off-line"
if (!(method == "INVITE" || method == "ACK" || method ==
"CANCEL" || method == "REFER" || method == "BYE")) {
log(1, "no invite,ack,cancel,refer->return 404\n");
sl_send_reply("404", "Not Found");
break;
};
# not voicemail subscriber and no echo/conference call
if ( isflagset(4)) {
log(1, "flag(4) active\n");
};
if (uri =~ "conference") {
log(1, "conference call\n");
};
if (uri =~ "echo") {
log(1, "echo call\n");
};
if ( !( isflagset(4) || (uri =~ "conference") || (uri =~
"echo") ) ) {
log(1, "no voicemail subscriber->return 404");
sl_send_reply("404", "Not Found and no voicemail turned
on");
break;
};
if ( isflagset(5) ) {
log(1, "caller is NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy");
force_rtp_proxy();
};
};
# forward to voicemail now
rewritehostport("192.168.1.253:5060");
log(1, "forward to voicemail\n");
t_relay_to_udp("192.168.1.253", "5060");
}
failure_route[1] {
/* XX: note: unsafe if preloaded routes without username used */
log(1, "-------------------------------------------\n");
log(1, "failureroute[1] entered\");
revert_uri();
rewritehostport("212.17.35.184:5060");
append_branch();
t_relay_to_udp("212.17.35.184", "5060");
}
Anyone else seeing problems with Polycom 300 phones ignoring CANCEL
messages from a SER proxy? I've got a number of SER proxies (running
0.8.12) that are receiving CANCEL messages and passing them on to the
Polycom phone, but all indications are that the phone is just ignoring
them (as it continues to ring).
Below is an example capture:
U 2004/11/08 15:10:32.802663 172.16.22.25:5060 -> 130.110.72.16:5060
SIP/2.0 180 Ringing..Via: SIP/2.0/UDP 130.110.72.16..From: "Interaction Cen
ter" <sip:8475787000@GLCU.ORG;type=ICConnectionCall>;tag=8500..To: <sip:187
42@172.16.22.25:5060>;tag=585588F8-A212D515..CSeq: 1 INVITE..Call-ID: 198f7
c0ca5c28e7f59759c1f1c024617@130.110.72.16..Contact:<sip:18742@172.31.22.12>
..Record-Route: <sip:18742@172.16.22.25;ftag=8500;lr=on>..User-Agent: Polyc
omSoundPointIP-SPIP_500-UA/1.1.0..Content-Length: 0....
U 2004/11/08 15:10:47.634541 130.110.72.16:1136 -> 172.16.22.25:5060
CANCEL sip:18742@172.16.22.25:5060 SIP/2.0..To: <sip:18742@172.16.22.25:506
0>..From: "Interaction Center" <sip:8475787000@GLCU.ORG;type=ICConnectionCa
ll>;tag=8500..Via: SIP/2.0/UDP 130.110.72.16..CSeq: 1 CANCEL..Call-ID: 198f
7c0ca5c28e7f59759c1f1c024617@130.110.72.16..User-Agent: ININ-EICSRVR01-9987
9649..Content-Length: 0....
U 2004/11/08 15:10:47.634635 172.16.22.25:5060 -> 172.31.22.12:5060
CANCEL sip:18742@172.31.22.12 SIP/2.0..Max-Forwards: 10..Record-Route: <sip
:18742@172.16.22.25;ftag=8500;lr=on>..To: <sip:18742@172.16.22.25:5060>..Fr
om: "Interaction Center" <sip:8475787000@GLCU.ORG;type=ICConnectionCall>;ta
g=8500..Via: SIP/2.0/UDP 172.16.22.25;branch=z9hG4bK7377.54324bd5.0..Via: S
IP/2.0/UDP 130.110.72.16..CSeq: 1 CANCEL..Call-ID: 198f7c0ca5c28e7f59759c1f
1c024617@130.110.72.16..User-Agent: ININ-EICSRVR01-99879649..Content-Length
: 0....
U 2004/11/08 15:10:47.986990 172.16.22.25:5060 -> 172.31.22.12:5060
CANCEL sip:18742@172.31.22.12 SIP/2.0..Max-Forwards: 10..Record-Route: <sip
:18742@172.16.22.25;ftag=8500;lr=on>..To: <sip:18742@172.16.22.25:5060>..Fr
om: "Interaction Center" <sip:8475787000@GLCU.ORG;type=ICConnectionCall>;ta
g=8500..Via: SIP/2.0/UDP 172.16.22.25;branch=z9hG4bK7377.54324bd5.0..Via: S
IP/2.0/UDP 130.110.72.16..CSeq: 1 CANCEL..Call-ID: 198f7c0ca5c28e7f59759c1f
1c024617@130.110.72.16..User-Agent: ININ-EICSRVR01-99879649..Content-Length
: 0....
U 2004/11/08 15:10:48.124132 130.110.72.16:1136 -> 172.16.22.25:5060
CANCEL sip:18742@172.16.22.25:5060 SIP/2.0..To: <sip:18742@172.16.22.25:506
0>..From: "Interaction Center" <sip:8475787000@GLCU.ORG;type=ICConnectionCa
ll>;tag=8500..Via: SIP/2.0/UDP 130.110.72.16..CSeq: 1 CANCEL..Call-ID: 198f
7c0ca5c28e7f59759c1f1c024617@130.110.72.16..User-Agent: ININ-EICSRVR01-9987
9649..Content-Length: 0....
--
Jamin W. Collins
"Never underestimate the power of very stupid people in large groups."
-- John Kenneth Galbraith
Greetings,
For some reason enum_query("") failed in our setup to properly
resolve NAPTR records.
When I do a SIP INVITE to something like +41446336297(a)test.ethz.ch
with debug=9 in ser.cfg, I get syslog entries
get_record: lookup(7.9.2.6.3.3.6.4.4.1.4, 35) failed
enum_query(): No NAPTR record found for 7.9.2.6.3.3.6.4.4.1.4.
and the SIP ENUM call fails.
__
However, if we apply the following unified patch
--- modules/enum.ori/enum.c Fri Sep 3 10:15:09 2004
+++ modules/enum/enum.c Fri Sep 3 12:51:37 2004
@@ -258,6 +258,8 @@
memcpy(name + j, suffix->s, suffix->len + 1);
+ strcat(name, "e164.arpa");
+
head = get_record(name, T_NAPTR);
if (head == 0) {
to vanilla ser-0.8.14, all goes well.
Apparently, the domain_suffix parameter in the enum module can be set
but is not automatically appended. Can someone confirm this?
Cheers,
Marcel
Hi,
I want to make a ser backup route.I have a route for examples that
forwards the calls to a specific ip destination.I want to make a backup
route to send those calls to another ip destination whenever the first ip
destination is not available (Not Found ,etc.).
Thanks
Hello,
I think the white space is not legal in 3261. Please take a look at the
message below.
Best regards,
Martin
-----Original Message-----
From: Attila Sipos [mailto:Attila.Sipos@vegastream.com]
Sent: Tuesday, November 16, 2004 12:01 PM
To: Martin Koenig; sip-implementors(a)cs.columbia.edu
Subject: RE: [Sip-implementors] Whitespace after value in SIP header field
Hi,
One of the headers in the posting to the SERusers mailing
list is:
Max-Forwards: 8 .
According to RFC3261 Max-Forwards is defined as:
Max-Forwards = "Max-Forwards" HCOLON 1*DIGIT
and DIGIT (from RFC2234) is:
DIGIT = "0" / "1" / "2" / "3" / "4" / "5" / "6" /
"7" / "8" / "9"
So, you can have a space between the colon and the first digit
but you're not allowed any spaces after or between any digits
and you're certainly not allowed a '.' character.
Regards,
Attila
Attila Sipos
Software Engineer
http://www.vegastream.com/
> -----Original Message-----
> From: sip-implementors-bounces(a)cs.columbia.edu
> [mailto:sip-implementors-bounces@cs.columbia.edu]On Behalf Of Martin
> Koenig
> Sent: 16 November 2004 09:56
> To: sip-implementors(a)cs.columbia.edu
> Subject: [Sip-implementors] Whitespace after value in SIP header field
>
>
> Hello,
>
> please check the following posting to the SERusers mailinglist:
>
> http://lists.iptel.org/pipermail/serusers/2004-September/011580.html
>
> What do you think? Is the white space after the header field
> value according
> to 3261 or not?
>
> Best regards,
> Martin
>
> _______________________________________________
> Sip-implementors mailing list
> Sip-implementors(a)cs.columbia.edu
> http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
>
Hi guys,
I have a strange problem when tying to forward call to Quintum gw.
Callee is hearing what I speak but I don't hear anything.
Forwarding to another SER is ok. Both - users with real ips and natted.
Somebody can help me?
Here is my config file:
debug=10 # debug level (cmd line: -dddddddddd)
#fork=yes
log_stderror=yes # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
#fork=no
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/domain.so"
loadmodule "/usr/local/lib/ser/modules/mediaproxy.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url", "mysql://ser:heslo@192.168.2.15/ser")
modparam("usrloc","user_column","username")
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("rr", "enable_full_lr", 1)
#modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser")
#modparam("acc", "log_level", 2)
#modparam("acc", "log_flag", 3)
#modparam("acc", "log_level", 1)
# number of flag, which will be used for accounting; if a message is
# labeled with this flag, its completion status will be reported
modparam("acc", "log_flag", 1)
modparam("acc", "log_fmt", "cdfimorstup")
modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser")
modparam("acc", "db_flag", 1)
modparam("acc", "db_missed_flag", 1)
modparam("acc", "log_missed_flag", 1)
#modparam("acc", "report_cancels", 1)
modparam("acc", "report_ack", 1)
#modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock")
#modparam("mediaproxy", "natping_interval", 20)
modparam("nathelper","rtpproxy_sock", "/var/run/rtpproxy.sock")
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1)
listen=193.2.6.17
# ------------------------- request routing logic -------------------
# main routing logic
route{
if (!mf_process_maxfwd_header("70")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
if (nat_uac_test("3")) {
if (method == "REGISTER" || ! search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
if (!method=="REGISTER") record_route();
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
if (!www_authorize("193.2.6.17", "subscriber")) {
www_challenge("193.2.6.17", "0");
break;
};
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
if (uri=~"^sip:[1-9]*@193.2.6.17") { # QUINTUM GW
rewritehost("194.24.1.6");
append_branch("194.24.1.6");
# t_relay_to_udp("194.24.1.6", "5060");
t_relay();
rewritehostport("194.24.1.6:5060");
append_hf("P-hint: VoipSwitch GATEWAY");
break;
}
} else {
if (uri=~"^sip:[0]*@193.2.6.17") { ### Other SER
setflag(1);
rewritehostport("bla.mydomain.com:5060");
append_branch("bla.mydomain.com");
t_relay();
break;
};
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
# };
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# if client or server know to be behind a NAT, enable relay
if (isflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all transactions (for example,
# re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
Thanks In Advance!
Pavel Siderov